A Network is Only as Secure as its Weakest Device

The Internet of Things (IoT) is growing exponentially and, unless you have been hiding under a rock, it’s hard not to notice the proliferation of connected devices we’re utilizing in our daily
lives. According to Gartner, as of the end of 2017, there were 6.3 billion smart devices already connected to networks, and it is predicted this number will grow to 20.4 billion by
2020. Gartner’s estimates tend to be more conservative than others, some of whom predicted 50 billion devices by 2020. However, Gartner’s figures are collated from an installed base of
smart TVs, fridges, security cameras, speakers and other devices.

Other analysts and consultancy firms offer similar predictions. McKinsey even said that IoT could generate up to $11.1 trillion a year in economic value by 2025,
provided businesses and policymakers throw their weight behind it.

Security—or the lack of it—is increasingly a pressing concern with IoT devices. However, this is an area in which CSPs can thrive. They can protect their customers’ network’s weakest point. By
leveraging their network connectivity services, CSPs can build sustainable, cost-effective and revenue-generating cybersecurity services.

But before we dive into the detail, let’s look at the specific security issues that are opening up opportunities for CSPs.

Profit, not security

IoT device manufacturers have—by and large—simply not prioritized security. They are driven by tight margins and rely on high-volume scales to generate revenue and profit.

Web Links

About Radisys

Radisys, a global leader in open telecom solutions, enables service providers to drive disruption with new open architecture business models. Radisys’ innovative disaggregated and
virtualized enabling technology solutions leverage open reference architectures and standards, combined with open software and hardware to power business transformation for the
telecom industry, while its world-class services organization delivers systems integration expertise necessary to solve communications and content providers’ complex deployment
challenges. For more information, visit www.Radisys.com. Keep up to date with Radisys: Follow us on Twitter

3

Embedding good levels of security into IoT devices requires significant investment and security expertise. If device manufacturers are to ensure robust security, they must ensure
security-by-design at the planning stage. From a manufacturer’s perspective, however, this often means a product redesign to accommodate, for example, larger processors that power security
features.

In turn, this makes devices more expensive and larger, eating into what are often slender profit margins. The fact is that many device manufacturers are simply not equipped to manage security;
how many security architects, security-certified software engineers, or network experts do they employ?

The specific security concerns around IoT are:

1. Default login credentials: There are already tens of millions of smart devices in use, yet manufacturers only use a small number of default password and usernames to protect
them. If device buyers continue to use the default passwords after purchase, the devices can be easily hacked. That said, it can be quite challenging for consumers to find the settings required
to change the password and username, and as a result, many people keep the default settings.